Authorisation, roles and scopes | Athumi Documentatie

Authorization policies for the API endpoints are based on (OAuth) scopes. A scope is an equivalent to a permission. The following scopes are available:

Scope name	Permissions	Role GipodBijdrager	Role GipodRaadpleger	Role GipodApplicatieBeheerder	Role GipodAannemer	Role DeLijn*
gipod_pdo_write	Manage public domain occupancies (groundworks, works, events, parking bans)	YES	NO	NO		NO
gipod_pdo_read	Read-only access to public domain occupancies (groundworks, works, events, parking bans)	YES	YES	NO		NO
gipod_sp_write	Write signaling permits				YES
gipod_sp_read	Read signaling permits and related information				YES
gipod_ts_write	Manage trench synergy requests & synergies	YES	NO	NO		NO
gipod_ts_read	Read-only access trench synergy requests & synergies	YES	YES	NO		NO
gipod_org_write	Manage organisations within the structure of your organisation	NO	NO	YES		NO
gipod_org_read	Read-only access to organisations	YES	YES	YES		NO
gipod_org_settings	Manage organisations & application settings on organisation level	NO	NO	YES		NO
gipod_mh_write	Manage mobility hindrance	YES	NO	NO		NO
gipod_mh_read	Read-only access to mobility hindrance	YES	YES	NO		NO
gipod_notifications	Read notifications and update status of a notifications	YES	NO	NO		NO
gipod_impact_ov	Judge impact of public domain occupancies on public transport	NO	NO	NO		YES

*The following scopes will be added to this role: gipod_pdo_read, gipod_ts_read, gipod_mh_read, gipod_org_read.
A role is assigned to a user. A role specifies which scopes the user will get.
An overview of the roles aimed at GUI-users can be found here (in Dutch): Rollen in GIPOD

Role	Description	Allowed scopes
GipodBijdrager	Manage public domain occupancies Manage mobility hindrance Manage trench synergy requests Manage trench synergies Read organisations Read and manage notifications	gipod_pdo_write gipod_pdo_read gipod_ts_write gipod_ts_read gipod_mh_read gipod_mh_write gipod_org_read gipod_notifications
GipodRaadpleger	Read-only access to public domain occupancies Read-only access to mobility hindrance Read-only access to trench synergy requests Read-only access to trench synergies	gipod_pdo_read gipod_ts_read gipod_mh_read gipod_org_read
GipodApplicatieBeheerder	Manage organisation within the organisation structure Manage organisation level settings Manage trench synergy interest zone	gipod_org_read gipod_org_write gipod_org_settings
GipodAannemer	Submit signaling permit request (GIPOD-formulier) Read-only access to signaling permits (TBD) Read-only access to certain pdo’s / mobility hindrance / synergies	~~gipod_sp_create~~ gipod_sp_write gipod_sp_read (gipod_org_read)
DeLijn (only for users from De Lijn) TODO: rename Role to include GIPOD (IDM)	Judge impact of public domain occupancies on public transport	gipod_impact_ov TOBE: gipod_pdo_read gipod_ts_read gipod_mh_read gipod_org_read

GipodBijdrager

GipodRaadpleger

GipodApplicatieBeheerder

GipodAannemer

DeLijn (only for users from De Lijn)